It might sound morbid but they should have waited until he was dead.
I beg to differ (and not just because I liked Ronald Reagan) because the US Navy has named other ships after living persons. Not many, to be sure, but the tradition, if there ever was one, has long been changed.
This is an excerpt from the Ronald Reagan entry in wikipedia:
The aircraft carrier USS Ronald Reagan (CVN-76) was christened March 4, 2001, making it one of the very few US Navy ships to be named for a living person. (The first was USS Carl Vinson (CVN-70); others include USS Arleigh Burke (DDG-51), USS Hyman G. Rickover (SSN 709), USS Jimmy Carter (SSN-23), and USNS Bob Hope (T-AKR-300).)
Also, in 1980, Carl Vinson became the first person to witness an aircraft carrier being launched in his own honor (history of the USS Carl Vinson).
Now, for USPS stamps, there's a clearer tradition
of waiting until a person is no longer living, so
if you want to start your campaign to make sure that Reagan is left off of stamps until he's deceased, go for it...
Before I comment on the museum looting story, I should note that I agree that government spending should favor open source (although I think public domain would be fine as well) over closed source. To a large extent it does, but if it's my tax dollars, then I should get more back for it, not less. Spending money on commercial software when good free alternatives exist is not a good use of my taxes, so I'm glad to see maddog talking about this.
Anyway, I realize the speech was about something else and this quote was probably selected because of its topical nature (or the reporter's leanings), but the story has been well disproven as a falsehood seized upon by the media in their frenzy to discredit the US and the UK.
I'm surprised to see the "thousands and thousands" version of the story, intended to swing public opinion against the Iraq war, still being referenced.
"These treasures were created over tens of thousands of years, and all of a sudden, because of the lack of foresight of a few greedy people, a lot of them were removed from the world," he said. "The world has to decide whether or not to send in troops to guard this free and open-source software, to protect it for the world's use."
Even The Guardian has backed off of the earlier story.
If you want a right-wing source instead of a left-wing source, try WorldNetDaily which was published more than a month before the Guardian one (it helps to use multiple sources).
And even if the original version of the story had been true, I could really care less about some museum pieces compared to the lives of the US and UK military, the Iraqi people, the Kurds, etc.
What do you mean about wanting to be free to negotiate? The whole article was about management issuing a take-it-or-leave-it ultimatum.
Anonymous Coward:
That's right. We're not serfs. You can leave
the company if you're not happy with the ultimatum. However, what works better is to
voice your concerns and threaten to resign if your
concerns are not met. If you are Barney Goofoff,
then they're not going to care, but if you are
valuable, then if management knows what is good for them, they will listen,
especially if others are likely to follow your example. If
they don't listen, you probably don't want to work
there anyway.
Better not do it
without a damn good reason or if you have poor skills.
If you're a slacker, you're better off joining a union or better yet, spend all your time trying to start one, be a trouble maker, and then when
you get fired, you can sue! (Maybe it's too bad
that people can't sue when they are forced
into a union against their will.)
Your story seems to demonstrate the needs for techs to unionize.
Unions are just a plain bad idea for technical
skilled people, especially the most skilled people. We're not just turning screwdrivers.
I've been an individual contributor, a manager,
and a team leader all within the same company, usually going where the need was greatest or my skills matched. About half of my managers were engineers (and some were good managers) and they too changed roles from time to time. Unions assume that it's management vs. the employees. In addition to being part of either group, I was also a part owner of the company (through stock options). When I got laid-off, I knew it was the only option for the company at the time. Yeah, I thought bad decisions had been made before that point (and obviously, I thought laying me off was a bad idea, but those are the breaks, I wasn't going to cry about it).
In addition to all that, I'd rather be free to negotiate my own salary, schedule, etc. Being
part of a union would not help.
Anyway, please keep your unions to yourself. I
like being independent and being judged and paid
according to my own work. If I can avoid it,
I'll never join a union. It's one of the
worst things that could happen to my long-term career and compensation prospects.
With a seriously tremendous infrastructure and expansive will, Wal-Mart stands poised to overtake Netflix. To say the least, that's not going to be good for business.
Did I miss something? Why should anyone care if
Netflix goes out of business? If Wal-Mart can
beat 'em, more power to them. It's a business
run over the web and by postal mail. Anyone can
compete in this space and we, the consumer, have nothing to lose (except maybe if all the players
disappear). This is good for us, maybe
we'll get a price war, especially if a few more
companies decide to jump into the business.
I don't want to hear any whining about Wal-Mart
and small town stores. Whatever you believe, it
just doesn't apply here since this business has
no store front.
Ok, lets add it up... $6.50 minimum wage. Lets throw on 0.40 for unemployment, Social insecurity, medicare, etc.
You missed hidden costs (which I mentioned). Insurance is probably
cheaper if you have a minimally trained attendant
pump the gas (who knows where the fire extinguisher is, can tell people to not smoke, and so on) rather
than any random person who might sue (and probably
does from time to time) the company running
the gas station.
I'm from New Jersey (where gas is similarly pumped
by an attendant). I recall there was a study
some years ago that showed the cost to have
someone pump your gas was close enough to zero
(less than one cent per gallon) after factoring in insurance and other factors that it didn't
matter, so New Jersey decided to keep the law
unchanged (at the time, I haven't been back for
about two years, so maybe it has changed).
I actually liked that I didn't have to get out
of my car to pump gas on a cold/hot/rainy day
or when I was wearing something nice or just didn't feel like getting my hands grimey on
the pump handle. Not to be a germaphobe, but
you all know what I mean.
Anyway, as far as gas taxes go, I think people
would be more in favor of them if they really
went straight to the roads and not into each
state's general fund where they are wasted just
like the rest of our money. I'm not sure if
Oregon is that way, but you know California and
most states are.
I just criticized this particular way of combatting the spam problem. Spam (including spam from impersonators) can already be very effectively blocked using a combination of a good spam sources block list with a list of open proxies and relays. The tools exist that deal with the problem without breaking e-mail as we know it. RMX would only force spammers to send mail from a domain belonging to the originating network and would thus only serve to legitimize spam.
I've been testing RBLs for SpamAssassin for the
last several months. They tend to have a far
worse false positive problem than your unique
travel problem, so we have to be very careful
about how they get used (weighted scores and so on). The SpamHaus Block List, which you mention,
has a FP rate of 0.5%. Open proxy block lists have a much lower false positive rate (some have an FP rate of virtually zero, like OPM), but they
don't account for all spam.
You also seem to have ignored my
argument that authentication solves your problem.
If it doesn't prevent legitimate senders from sending email (like some cash-based methods would), I think it's worth a shot at the very least.
As for the argument that RMX won't stop spammers,
I think it can only help. Why do you think spammers forge domains right now? It makes it easier for their message to get out if they can impersonate good domains. Make that impossible and it makes it harder for them to get their message out, so they make less money on spam. And if you combine RMX with public
listings of "good domains" -- places that have
a historic record of not being spam friendly
(this also largely handles your.edu domain issue), then it
makes it much easier to filter email. RMX is
not the entire solution, it's part of the
solution. RMX also allows reliable whitelisting
and blacklisting (which is hard to do accurately
right now).
Also, if spammers have to resort to hijacking
computers to send their UBE, it should make it
somewhat easier to punish them severely.
I just can't see any reason why being able to
verify that a mail server was allowed to send
mail on the behalf of a domain is a bad thing.
In addition to everything else I've said, it
makes fraud more difficult, whitelists stronger,
RBLs more effective (especially domain-based
ones like dsn.rfc-ignorant.org), and will help
Bayesian systems as well (since From: domain
will become a more meaningful token). There
is a huge number of improvements this will allow
in spam filters. This is long past due.
When I travel abroad, I send e-mail with my own home e-mail address as the sender through the foreign ISP's SMTP server (and collect mail with POP3 from my home ISP as usual). This has several advantages such as not needing another e-mail account and still being able to post to mailing lists. This plan will lump that in with "fraud" and make it impossible. With whitelisting on private e-mail becoming more and more common, this will be even more of an issue.
This is a really weak argument to continue
to allow anyone to impersonate me (well, to
pretend to be allowed to send mail for my domain). There are two simple reasons why:
Your ISP does not have to implement restrictive RMX,
they can allow any IP address to send mail on
their behalf. If you don't like your ISP,
switch to a more permissive one.
You can use authenticated SMTP or POP3
before SMTP to send mail from your ISP mail
server. Authentication exists for a
reason!
Basically, if you aren't happy with RMX, just
find a different ISP (probably one that is
spammer friendly, go figure) or set up your own domain. I like this solution because the market
can decide whether or not it will be useful and
user choice (in spam filters) can be preserved.
I hope we'll be able to add this useful tool to
SpamAssassin soon.
(I agree with you entirely about "spam" already
having a perfectly good definition: UBE. I
suspect their weasel-words are due to the
influence of the DMA and their allies who claim that
spam is only a problem because of fraud and scams.
No, spam is a problem because I'm being flooded
by UBE. I don't care if it's fraudulent or not.)
If the satellite monitoring is so good, how did they manage to be so wrong abount WMD in Iraq. I can't help wondering if there was ever any real evidence...
There seem to be several basic problems that people
have with blacklists. One is that they are "censorship" or harm "free speech". No, they are not censorship and some people evidently didn't pay attention in civics class (or whatever they call it today). Free speech is about limiting the government's ability to squash speech. Not about private enterprises
blocking unwanted access to their networks. If
you don't want to use blacklists, most ISPs give
you that option or you can change ISPs. There may
be some ISPs that don't adequately inform customers
about DNS blacklists, but I can accept this
because I believe in free markets. Some companies
suck, they usually suck in more ways than one,
and customers get what they pay for. If you want
a better ISP, you have to pay more. If your mail
filter doesn't use the right blacklists and blocks
too much good email, get something better. Maybe this is hard for people to understand because they
don't grasp free markets and customer choice.
Of course, if the government (any government) wanted to mandate blacklists, it would be a horrible idea! And I'd
be right along with everyone else -- against it.
Now that that's off my chest, I think the biggest misunderstanding about
DNS blacklists is how to use them. Most sites
use them as absolute blocks. That is, if any
relay on an incoming email is found in a single blacklist, then that message is blocked. I've
tested hundreds of blacklists and no single blacklist that includes any appreciable number of spammer IP addresses is absolutely reliable.
The solution is technical and simple: use more than one blacklist. Weight them. Use math and statistics to achieve good results based on past accuracy rates. Don't use the
ones that work poorly such as SPEWS which has a
poor false positive rate, or just weight them much lower than better blacklists.
Incidentally, this is exactly the approach that
SpamAssassin takes. We let our genetic algorithm
decide what weight to use for each blacklist.
It's not perfect, but boy, does it help keep
spam out of our inboxes! Actually, this is
the SpamAssassin philosophy about email filtering
in general. We don't place all our bets on any
single filtering method. We use every method at
our disposal and let statistical methods decide
what works best and how to weight them. If
spam evolves, we evolve. If the attacks on
Bayesian filtering prove to be too powerful, we'll
have other methods to fall back on. Sorry for
the advertisement, but I think the "all or none"
approach is exactly why some people are so
against blacklists. That's also why most legislative anti-spam proposals are such incredibly bad ideas.
Most people call the distributions just linux, which is fine (I personally think people can call things whatever they like) but I find it does cause confusion sometimes. eg "I'm downloading a new version of linux" can mean redhat 9 for example, or it can mean linux-2.5.68.tar.gz
This is true up until the point of what most people say when they're downloading linux-2.5.68.tar.gz.
Virtually everyone I've known says "Linux kernel", "the kernel", or just "2 5 68" in that context. Why? Because you need to be more specific since almost everyone uses "Linux" to refer to either. That includes kernel developers (certainly not all
of them, I've heard GNU/Linux there too, although not especially often). Like many
brand names, the "Linux" term was (long ago)
stretched to cover a wide array of products when
they are collectively running on top of Linux.
But, if people want to look a little silly (not a huge deal, to each his own) and call things
GNU/Linux, that's their right. Just don't behave like the bloody thought police. I've had people send me notices
asking me to change web pages, other persons have even declined to work with the Linux Standard Base project on the basis of the name (since it
covers libraries above the kernel), etc.
My pet peeve isn't that people call it GNU/Linux. It's the people who tell me what to call it.
It strikes me as odd how certain people are
willing to leap to the defense of someone just
because they're a coworker or share
a profession. I can understand a mother defending a son, it must be hard to admit that your son
didn't turn out so well, but a coworker? Please.
I'm not defending the six weeks
of "unexplained incarceration" (nice objective
terminology there, there was an explanation,
he was being held as a material witness which
is not a new practice -- okay, maybe I am
defending it a little bit), but if the guy was trying to wage war against his country's military, then in *any* country, you'd expect him to be arrested and charged. (Note: in China or Cuba, you're lucky if you are only sent to jail for speaking out against your government. Some people just get shot.)
I don't see why he should be entitled to special
protection just because he's a software engineer
or for any other reason. I don't care if he
has friends!
This reminds me a lot of the Randal Schwartz
trial (although let me be clear that I'm not
saying Randal committed treason! I'm just
talking about popular software types being
charged with crimes). While I don't know all of the facts, it always seemed like people are
especially ready to jump to the defense of someone, even without all of the facts, just
because of their professional standing. This
seems particularly true of people in the computer
industry. (Maybe that's just because I tend to
read technically-oriented forums like Slashdot.)
Anyway, treason is treason, alleged crimes are alleged crimes. It shouldn't matter
if the guy was a software engineer or a shoe
salesman.
His post included this (now third-hand) quote from
a DAPRA spokesperson:
I wanted to update you on the situation with the Univ of
Penn. project. As a result of the DARPA review of the project, and
due to world events and the evolving threat posed by increasingly
capable nation-states, the Government on April 21 advised the
University to suspend work on the "security fest" portion of the
project.
While this explanation is somewhat lacking and
terse, it does not say "Open Source Enables Terrorist States". I didn't
know what the "security fest" portion was, so
I did some googling, but didn't find anything
obvious. Just the same, there's a very tangible
difference between deciding to not fund an open-source-related security-related project and deciding that open source is terrorism. Maybe we
could get a little more information before
going hog wild with the paranoid fears?
To be sure, it does sound pretty darn paranoid, but I'm dealing with third-party information that seems designed to be inflammatory. And inflame it did.
Also, while I don't believe in security through
obscurity as a general principle (which is implied here), there are still a number of people, even
some Slashdot readers, who follow the principle
in some respects. For example, the large number
of people who get upset when some releases
an exploit without contacting the vendor first.
I also wouldn't be surprised if there wasn't some
other reasons why the grant was pulled (or not
given?), but again, I'm lacking information.
But, by all means, go crazy with what little information you do have!
I'm not a citizen of the net. I'm a citizen of
my country. Most of the people on the net could
really care less about me and my well-being. Many
-- I don't know if it is "most" or "some" -- of them are downright hostile to me and the things I
believe in. There's no need to go into a full list. Actually, I'd love to go into a full list, but I'd probably just be moderated down by the people who are hostile to my views.
There is nothing magical about the net. People
are still people. Some of them are out for power,
some are not. Some agree with me, some do not.
Some people will be able to manipulate net media
just like some people can manipulate mass media
now.
What obvious to me is that many bloggers
have just as overinflated ego about their
importance that many talking heads in the media have right now. For the moment, I'm avoiding
the blog popularity contest. While I do read
a few interesting blogs, I try to avoid ones run
by people with big heads who think (right or
wrong) that the internet will be the vehicle
that will make them powerful. I'd rather vote
in an election (even with limited realistic choices) than let pagerank decide what I believe.
I'm probably posting far too late to ever get any shot at moderation points, but I think the point a lot of the posters have missed is the reason the photo was altered in this way.
Face it, the British soldier looks more like
he's pointing his gun directly at the man and his
child in the altered photograph. He's a menacing
foreign invader. They were a moment away from being 2 more dead civilians! In addition to changing the aim of the rifle, his pose is also more threatening with the change in position and the apparent distance between the soldier's rifle and the man carrying his injured child was also reduced. If you actually take the time to look at the retraction and the original photographs, you will see that the original two photographs aren't
nearly as menacing.
The difference between this photograph and much
of the journalism regarding the Iraq war is that
there was an objective truth here and it was
possible to identify the photographer's alteration of the truth to make a journalistic statement. It is not so easy most of the time.
Also, the whole LA Times photographer's explanation that the photo was changed to "improve the composition" is complete
bull and I'm not surprised that the LA Times editorial staff is supporting that position (even though they fired him). It seems more likely that it was done to better make a specific impression on readers about the conduct of US and British soldiers.
Deersoft made Exchange and Outlook versions, but they are being revamped since Deersoft was acquired, so they're not being sold for a few months.
and more...
Not to mention all the reasons why challenge-response filtration systems are alienating to the rest of the world. Sure, you will get almost no spam, but you'll also lose
a lot of legitimate email from disgruntled people
who don't like being challenged. (My standard
reply to TMDA challenges is to... not. I find it very obnoxious when I reply to someone, answer a question, or heck, just email them for any legitimate reason, that I have to prove that I'm a human. It basically sends the message that "my time is more important than your time".)
Thankfully, there are some strong anti-spam methods that are being developed which don't require challenge-response, opt-out lists,
patented crypto, or any of the other dumb ideas
I keep reading about.
"because we're going to do a cliffhanger that will put a new twist on the series as it enters its third year"
Actual cliffhangers considered by Paramount:
Final scene ends with Captain Archer ripping
clothes off of T'Pol. Cliffhanger element: how far
will the on-screen nudity go?
Enterprise explodes! Cliffhanger element: how will the crew survive?
Love triangle between T'Pol, Archer, and a new alien crewmember. Cliffhanger
element: nobody knows whether alien loves T'Pol, Archer, or the captain's chair.
Series is cancelled. Cliffhanger element: will die-hard fans finally realize this is the worst Star Trek series ever and stop watching?
Sorry, that was one was added by me.
The best TV-watching decision I've made all year was deleting Enterprise from my list of TiVo Season Passes. I'm a huge DS9 fan (still rewatching episodes as they air), I watched every episode of the other series (well, I missed a few Voyagers, I think you understand), but I can't believe people are still watching Enterprise.
The Slashdot story I'm waiting to hear is that Terry Nation's Survivors is coming out on DVD. Terry Nation was a science fiction script writer who could actually write.
I agree. Let's start by retraining the 275 million people in the United States to all use the metric system like the other 5.8 billion people on the planet do. Then we'll move on to language.
I am not a native speaker of the metric system,
but I agree. I had to learn to speak metric in
dribs and drabs as I went through school and I
still am not fluent with the Centigrade part of the language and I'm not sure how many kilograms
I mass either. I am pretty fluent in the meter
and the liter at least.
The English system of measurements is one language
I won't miss too much. But, I will miss a few things:
pints
the 100-degree-day
a cup of flour (or you name it)
running the mile
Translate those to metric and you lose a lot of
the magic (or complain factor for the 100-degree-day).
You must have a short memory. It wasnt that long ago that OpenSSH was trojaned, and thats about as secure/public an example as you need.
Thanks, that proves my point that open source holes
are easily found. The OpenSSH trojan was
discovered only one week after the trojan was
deployed. How many closed source trojans and backdoors do you think are discovered that
quickly?
I am working on an app for the govt, and yes, I have programmed in a backdoor login [...] it is NEVER to be deployed turned on
Pheew... I was worried there for a moment, but I'm glad that the government would never deploy any backdoors in their software.
On a more serious note: to all the people who say "blah blah blah open source... who ever reads all of those lines of code, anyway?" The answer is lots of people if the code is Apache, bind, or any other program that gets deployed widely. Try inserting some backdoor code and see how long your commit access lasts!
What moron actually believes it's easier to disassemble code and look for backdoors in proprietary closed source code??? I'd much rather
have the ability to download the source that is being downloaded by thousands of other people.
No, this is not absolute assurance, but that's not a valid argument against open source.
if more people in britan just reported it. Americans tend to not report things of this nature out of shame.
Do you have data to back up that assertion? I could just as easily say "I wonder if this is because Britons are dumb. Americans tend to be smarter about not being scammed in this way."
I don't actually believe that, but I don't believe
what you said either.
if the requirements had been:
Requires Linux 2.5.62 with KDE 3.0 and peer-to-peer upgrade. (with the subtitling that it doesn't run on windows)
Would someone have made exactly the same comment?
Well, duh! Of course! A production version of Windows XP is at least as unstable as the average development version of the Linux kernel (not counting paper-bag releases).
Of course, you really should also consider the differences in freedom. It's more than just being "pro-Linux" and "anti-Microsoft".
It looks like the problem are the distributed
checksum tests, specifically Razor2 and DCC.
I realize DCC is not a spam test, but a "bulkiness"
test, but we use it as one of our rules and let
our GA (genetic algorithm) figure out how worthwhile it is. Unfortunately, in this case, it helps drive Crypto-Gram into the probable spam region. Crypto-Gram is a bit different than other newsletters in that it contains a lot of
clippings from spams, scams, security-related
excerpts like JavaScript, etc. that trigger some
SA rules.
As far as Razor2 goes, it seems like their
trust metric needs some work. Crypto-gram isn't
showing up in the Razor2 database now, but it
only has to be there when you receive the mail.
(Brings to mind delayed re-checking, but that's
an idea for later implementation.)
If you are a Crypto-Gram subscriber, my advice is
to either whitelist it or write a rule that
matches the newsletter and assign the rule a
negative score. Also upgrade to SA 2.50 when it
is released.
Slashdot Mirror
I beg to differ (and not just because I liked Ronald Reagan) because the US Navy has named other ships after living persons. Not many, to be sure, but the tradition, if there ever was one, has long been changed.
This is an excerpt from the Ronald Reagan entry in wikipedia:
Also, in 1980, Carl Vinson became the first person to witness an aircraft carrier being launched in his own honor (history of the USS Carl Vinson).
Now, for USPS stamps, there's a clearer tradition of waiting until a person is no longer living, so if you want to start your campaign to make sure that Reagan is left off of stamps until he's deceased, go for it...
Anyway, I realize the speech was about something else and this quote was probably selected because of its topical nature (or the reporter's leanings), but the story has been well disproven as a falsehood seized upon by the media in their frenzy to discredit the US and the UK. I'm surprised to see the "thousands and thousands" version of the story, intended to swing public opinion against the Iraq war, still being referenced.
"These treasures were created over tens of thousands of years, and all of a sudden, because of the lack of foresight of a few greedy people, a lot of them were removed from the world," he said. "The world has to decide whether or not to send in troops to guard this free and open-source software, to protect it for the world's use."
Even The Guardian has backed off of the earlier story.
If you want a right-wing source instead of a left-wing source, try WorldNetDaily which was published more than a month before the Guardian one (it helps to use multiple sources).
And even if the original version of the story had been true, I could really care less about some museum pieces compared to the lives of the US and UK military, the Iraqi people, the Kurds, etc.
That's what I thought too before I bought my TiVo with DirecTV service!
Anonymous Coward:
That's right. We're not serfs. You can leave the company if you're not happy with the ultimatum. However, what works better is to voice your concerns and threaten to resign if your concerns are not met. If you are Barney Goofoff, then they're not going to care, but if you are valuable, then if management knows what is good for them, they will listen, especially if others are likely to follow your example. If they don't listen, you probably don't want to work there anyway.
Better not do it without a damn good reason or if you have poor skills.
If you're a slacker, you're better off joining a union or better yet, spend all your time trying to start one, be a trouble maker, and then when you get fired, you can sue! (Maybe it's too bad that people can't sue when they are forced into a union against their will.)
Unions are just a plain bad idea for technical skilled people, especially the most skilled people. We're not just turning screwdrivers.
I've been an individual contributor, a manager, and a team leader all within the same company, usually going where the need was greatest or my skills matched. About half of my managers were engineers (and some were good managers) and they too changed roles from time to time. Unions assume that it's management vs. the employees. In addition to being part of either group, I was also a part owner of the company (through stock options). When I got laid-off, I knew it was the only option for the company at the time. Yeah, I thought bad decisions had been made before that point (and obviously, I thought laying me off was a bad idea, but those are the breaks, I wasn't going to cry about it).
In addition to all that, I'd rather be free to negotiate my own salary, schedule, etc. Being part of a union would not help.
Anyway, please keep your unions to yourself. I like being independent and being judged and paid according to my own work. If I can avoid it, I'll never join a union. It's one of the worst things that could happen to my long-term career and compensation prospects.
Did I miss something? Why should anyone care if Netflix goes out of business? If Wal-Mart can beat 'em, more power to them. It's a business run over the web and by postal mail. Anyone can compete in this space and we, the consumer, have nothing to lose (except maybe if all the players disappear). This is good for us, maybe we'll get a price war, especially if a few more companies decide to jump into the business.
I don't want to hear any whining about Wal-Mart and small town stores. Whatever you believe, it just doesn't apply here since this business has no store front.
You missed hidden costs (which I mentioned). Insurance is probably cheaper if you have a minimally trained attendant pump the gas (who knows where the fire extinguisher is, can tell people to not smoke, and so on) rather than any random person who might sue (and probably does from time to time) the company running the gas station.
Here's some additional information
I actually liked that I didn't have to get out of my car to pump gas on a cold/hot/rainy day or when I was wearing something nice or just didn't feel like getting my hands grimey on the pump handle. Not to be a germaphobe, but you all know what I mean.
Anyway, as far as gas taxes go, I think people would be more in favor of them if they really went straight to the roads and not into each state's general fund where they are wasted just like the rest of our money. I'm not sure if Oregon is that way, but you know California and most states are.
I've been testing RBLs for SpamAssassin for the last several months. They tend to have a far worse false positive problem than your unique travel problem, so we have to be very careful about how they get used (weighted scores and so on). The SpamHaus Block List, which you mention, has a FP rate of 0.5%. Open proxy block lists have a much lower false positive rate (some have an FP rate of virtually zero, like OPM), but they don't account for all spam.
You also seem to have ignored my argument that authentication solves your problem. If it doesn't prevent legitimate senders from sending email (like some cash-based methods would), I think it's worth a shot at the very least.
As for the argument that RMX won't stop spammers, I think it can only help. Why do you think spammers forge domains right now? It makes it easier for their message to get out if they can impersonate good domains. Make that impossible and it makes it harder for them to get their message out, so they make less money on spam. And if you combine RMX with public listings of "good domains" -- places that have a historic record of not being spam friendly (this also largely handles your .edu domain issue), then it
makes it much easier to filter email. RMX is
not the entire solution, it's part of the
solution. RMX also allows reliable whitelisting
and blacklisting (which is hard to do accurately
right now).
Also, if spammers have to resort to hijacking computers to send their UBE, it should make it somewhat easier to punish them severely.
I just can't see any reason why being able to verify that a mail server was allowed to send mail on the behalf of a domain is a bad thing. In addition to everything else I've said, it makes fraud more difficult, whitelists stronger, RBLs more effective (especially domain-based ones like dsn.rfc-ignorant.org), and will help Bayesian systems as well (since From: domain will become a more meaningful token). There is a huge number of improvements this will allow in spam filters. This is long past due.
This is a really weak argument to continue to allow anyone to impersonate me (well, to pretend to be allowed to send mail for my domain). There are two simple reasons why:
Basically, if you aren't happy with RMX, just find a different ISP (probably one that is spammer friendly, go figure) or set up your own domain. I like this solution because the market can decide whether or not it will be useful and user choice (in spam filters) can be preserved.
I hope we'll be able to add this useful tool to SpamAssassin soon.
(I agree with you entirely about "spam" already having a perfectly good definition: UBE. I suspect their weasel-words are due to the influence of the DMA and their allies who claim that spam is only a problem because of fraud and scams. No, spam is a problem because I'm being flooded by UBE. I don't care if it's fraudulent or not.)
And O.J. Simpson didn't kill his ex-wife too.
Of course, if the government (any government) wanted to mandate blacklists, it would be a horrible idea! And I'd be right along with everyone else -- against it.
Now that that's off my chest, I think the biggest misunderstanding about DNS blacklists is how to use them. Most sites use them as absolute blocks. That is, if any relay on an incoming email is found in a single blacklist, then that message is blocked. I've tested hundreds of blacklists and no single blacklist that includes any appreciable number of spammer IP addresses is absolutely reliable.
The solution is technical and simple: use more than one blacklist. Weight them. Use math and statistics to achieve good results based on past accuracy rates. Don't use the ones that work poorly such as SPEWS which has a poor false positive rate, or just weight them much lower than better blacklists.
Incidentally, this is exactly the approach that SpamAssassin takes. We let our genetic algorithm decide what weight to use for each blacklist. It's not perfect, but boy, does it help keep spam out of our inboxes! Actually, this is the SpamAssassin philosophy about email filtering in general. We don't place all our bets on any single filtering method. We use every method at our disposal and let statistical methods decide what works best and how to weight them. If spam evolves, we evolve. If the attacks on Bayesian filtering prove to be too powerful, we'll have other methods to fall back on. Sorry for the advertisement, but I think the "all or none" approach is exactly why some people are so against blacklists. That's also why most legislative anti-spam proposals are such incredibly bad ideas.
Daniel
This is true up until the point of what most people say when they're downloading linux-2.5.68.tar.gz.
Virtually everyone I've known says "Linux kernel", "the kernel", or just "2 5 68" in that context. Why? Because you need to be more specific since almost everyone uses "Linux" to refer to either. That includes kernel developers (certainly not all of them, I've heard GNU/Linux there too, although not especially often). Like many brand names, the "Linux" term was (long ago) stretched to cover a wide array of products when they are collectively running on top of Linux.
But, if people want to look a little silly (not a huge deal, to each his own) and call things GNU/Linux, that's their right. Just don't behave like the bloody thought police. I've had people send me notices asking me to change web pages, other persons have even declined to work with the Linux Standard Base project on the basis of the name (since it covers libraries above the kernel), etc.
My pet peeve isn't that people call it GNU/Linux. It's the people who tell me what to call it.
*sigh*
I'm not defending the six weeks of "unexplained incarceration" (nice objective terminology there, there was an explanation, he was being held as a material witness which is not a new practice -- okay, maybe I am defending it a little bit), but if the guy was trying to wage war against his country's military, then in *any* country, you'd expect him to be arrested and charged. (Note: in China or Cuba, you're lucky if you are only sent to jail for speaking out against your government. Some people just get shot.)
I don't see why he should be entitled to special protection just because he's a software engineer or for any other reason. I don't care if he has friends!
This reminds me a lot of the Randal Schwartz trial (although let me be clear that I'm not saying Randal committed treason! I'm just talking about popular software types being charged with crimes). While I don't know all of the facts, it always seemed like people are especially ready to jump to the defense of someone, even without all of the facts, just because of their professional standing. This seems particularly true of people in the computer industry. (Maybe that's just because I tend to read technically-oriented forums like Slashdot.)
Anyway, treason is treason, alleged crimes are alleged crimes. It shouldn't matter if the guy was a software engineer or a shoe salesman.
While this explanation is somewhat lacking and terse, it does not say "Open Source Enables Terrorist States". I didn't know what the "security fest" portion was, so I did some googling, but didn't find anything obvious. Just the same, there's a very tangible difference between deciding to not fund an open-source-related security-related project and deciding that open source is terrorism. Maybe we could get a little more information before going hog wild with the paranoid fears?
To be sure, it does sound pretty darn paranoid, but I'm dealing with third-party information that seems designed to be inflammatory. And inflame it did.
Also, while I don't believe in security through obscurity as a general principle (which is implied here), there are still a number of people, even some Slashdot readers, who follow the principle in some respects. For example, the large number of people who get upset when some releases an exploit without contacting the vendor first.
I also wouldn't be surprised if there wasn't some other reasons why the grant was pulled (or not given?), but again, I'm lacking information.
But, by all means, go crazy with what little information you do have!
I'm not a citizen of the net. I'm a citizen of my country. Most of the people on the net could really care less about me and my well-being. Many -- I don't know if it is "most" or "some" -- of them are downright hostile to me and the things I believe in. There's no need to go into a full list. Actually, I'd love to go into a full list, but I'd probably just be moderated down by the people who are hostile to my views.
There is nothing magical about the net. People are still people. Some of them are out for power, some are not. Some agree with me, some do not. Some people will be able to manipulate net media just like some people can manipulate mass media now.
What obvious to me is that many bloggers have just as overinflated ego about their importance that many talking heads in the media have right now. For the moment, I'm avoiding the blog popularity contest. While I do read a few interesting blogs, I try to avoid ones run by people with big heads who think (right or wrong) that the internet will be the vehicle that will make them powerful. I'd rather vote in an election (even with limited realistic choices) than let pagerank decide what I believe.
Daniel
Face it, the British soldier looks more like he's pointing his gun directly at the man and his child in the altered photograph. He's a menacing foreign invader. They were a moment away from being 2 more dead civilians! In addition to changing the aim of the rifle, his pose is also more threatening with the change in position and the apparent distance between the soldier's rifle and the man carrying his injured child was also reduced. If you actually take the time to look at the retraction and the original photographs, you will see that the original two photographs aren't nearly as menacing.
The difference between this photograph and much of the journalism regarding the Iraq war is that there was an objective truth here and it was possible to identify the photographer's alteration of the truth to make a journalistic statement. It is not so easy most of the time.
Also, the whole LA Times photographer's explanation that the photo was changed to "improve the composition" is complete bull and I'm not surprised that the LA Times editorial staff is supporting that position (even though they fired him). It seems more likely that it was done to better make a specific impression on readers about the conduct of US and British soldiers.
Not to mention all the reasons why challenge-response filtration systems are alienating to the rest of the world. Sure, you will get almost no spam, but you'll also lose a lot of legitimate email from disgruntled people who don't like being challenged. (My standard reply to TMDA challenges is to ... not. I find it very obnoxious when I reply to someone, answer a question, or heck, just email them for any legitimate reason, that I have to prove that I'm a human. It basically sends the message that "my time is more important than your time".)
Thankfully, there are some strong anti-spam methods that are being developed which don't require challenge-response, opt-out lists, patented crypto, or any of the other dumb ideas I keep reading about.
Actual cliffhangers considered by Paramount:
Sorry, that was one was added by me.
The best TV-watching decision I've made all year was deleting Enterprise from my list of TiVo Season Passes. I'm a huge DS9 fan (still rewatching episodes as they air), I watched every episode of the other series (well, I missed a few Voyagers, I think you understand), but I can't believe people are still watching Enterprise.
The Slashdot story I'm waiting to hear is that Terry Nation's Survivors is coming out on DVD. Terry Nation was a science fiction script writer who could actually write.
I am not a native speaker of the metric system, but I agree. I had to learn to speak metric in dribs and drabs as I went through school and I still am not fluent with the Centigrade part of the language and I'm not sure how many kilograms I mass either. I am pretty fluent in the meter and the liter at least.
The English system of measurements is one language I won't miss too much. But, I will miss a few things:
Translate those to metric and you lose a lot of the magic (or complain factor for the 100-degree-day).
Regards.
Thanks, that proves my point that open source holes are easily found. The OpenSSH trojan was discovered only one week after the trojan was deployed. How many closed source trojans and backdoors do you think are discovered that quickly?
Pheew... I was worried there for a moment, but I'm glad that the government would never deploy any backdoors in their software.
On a more serious note: to all the people who say "blah blah blah open source... who ever reads all of those lines of code, anyway?" The answer is lots of people if the code is Apache, bind, or any other program that gets deployed widely. Try inserting some backdoor code and see how long your commit access lasts!
What moron actually believes it's easier to disassemble code and look for backdoors in proprietary closed source code??? I'd much rather have the ability to download the source that is being downloaded by thousands of other people. No, this is not absolute assurance, but that's not a valid argument against open source.
Do you have data to back up that assertion? I could just as easily say "I wonder if this is because Britons are dumb. Americans tend to be smarter about not being scammed in this way."
I don't actually believe that, but I don't believe what you said either.
if the requirements had been:
Requires Linux 2.5.62 with KDE 3.0 and peer-to-peer upgrade.
(with the subtitling that it doesn't run on windows)
Would someone have made exactly the same comment?
Well, duh! Of course! A production version of Windows XP is at least as unstable as the average development version of the Linux kernel (not counting paper-bag releases).
Of course, you really should also consider the differences in freedom. It's more than just being "pro-Linux" and "anti-Microsoft".
It looks like the problem are the distributed checksum tests, specifically Razor2 and DCC.
I realize DCC is not a spam test, but a "bulkiness" test, but we use it as one of our rules and let our GA (genetic algorithm) figure out how worthwhile it is. Unfortunately, in this case, it helps drive Crypto-Gram into the probable spam region. Crypto-Gram is a bit different than other newsletters in that it contains a lot of clippings from spams, scams, security-related excerpts like JavaScript, etc. that trigger some SA rules.
As far as Razor2 goes, it seems like their trust metric needs some work. Crypto-gram isn't showing up in the Razor2 database now, but it only has to be there when you receive the mail. (Brings to mind delayed re-checking, but that's an idea for later implementation.)
If you are a Crypto-Gram subscriber, my advice is to either whitelist it or write a rule that matches the newsletter and assign the rule a negative score. Also upgrade to SA 2.50 when it is released.
Dan